Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Linux Kernel Vulnerability Affects Red Hat, CentOS, Debian

Qualys has disclosed the details of an integer overflow vulnerability in the Linux kernel that can be exploited by a local attacker for privilege escalation. The flaw, dubbed “Mutagen Astronomy,” affects certain versions of the Red Hat, CentOS and Debian distributions.

Qualys has disclosed the details of an integer overflow vulnerability in the Linux kernel that can be exploited by a local attacker for privilege escalation. The flaw, dubbed “Mutagen Astronomy,” affects certain versions of the Red Hat, CentOS and Debian distributions.

Tracked as CVE-2018-14634, the flaw exists in the kernel’s create_elf_tables() function. The security hole can be exploited using a SUID binary to escalate privileges to root, but it only works on 64-bit systems.

The vulnerability affects versions of the kernel released between July 19, 2007, and July 7, 2017. While many Linux distributions have backported the commit that addresses the bug, the fix hasn’t been implemented in Red Hat Enterprise Linux, CentOS (which is based on Red Hat), and Debian 8 Jessie.

According to an advisory published by Qualys on Tuesday, the vulnerability was reported to Red Hat on August 31 and to Linux kernel developers on September 18. The cloud-based security and compliance solutions provider has made available both technical details and proof-of-concept (PoC) exploits.

Red Hat, which assigned the flaw an impact rating of “important” and a CVSS score of 7.8 (high severity), has started releasing updates that should address the issue.

“This issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw,” Red Hat explained. “Systems with less than 32GB of memory are unlikely to be affected by this issue due to memory demands during exploitation.”

“This issue affects the version of the kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2 will address this issue,” Red Hat said.

Both CentOS and Red Hat developers have provided mitigations for the vulnerability.

Advertisement. Scroll to continue reading.

Related: ‘SegmentSmack’ Flaw in Linux Kernel Allows Remote DoS Attacks

Related: Privilege Escalation Bug Lurked in Linux Kernel for 8 Years

Related: Elevation of Privilege Flaw Impacts Linux Kernel

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights